CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group

CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group
Advanced Persistent Threat

The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Cyber Command Cyber National Mission Force (CNMF) have issued a joint advisory to warn the public of a North Korean-linked hacking group called Kimsuky.

The advanced persistent threat (APT) group uses social engineering and spearphishing tactics to infiltrate U.S. systems, according to the notice dated Tuesday.

CISA, FBI and CNMF utilized data from intelligence reporting and open-source databases to consolidate Kimsuky's tactics, techniques and procedures (TTP).

Kimsuky has also used stolen web hosting credentials to disseminate threats and created subdomains to mimic websites such as Google and Yahoo.

According to the advisory, Kimsuky conducts intelligence collection operations against organizations and individuals in the U.S., Japan and South Korea. The APT group was most likely launched in 2012, the notice states.

You may also be interested in...

Jennifer Granholm

DOE Invests $24 Million to Advance Transformational Air Pollution Capture; Jennifer Granholm Quoted

The Department of Energy (DOE) plans to invest $24 million in research projects on carbon capture technologies, as the U.S. continues to address climate change. DOE said Friday that it needs technologies that can directly absorb carbon emissions from the air in a way similar to the photosynthesis of plants.